Microsoft.Identity.Web has been around for quite a while (roughly 7 months at the time of writing) as part of samples. Recently, it has been moved to a separate repository and the commit messages in the sample actually hint that it is soon to be released as a NuGet package which we all can make use of easily.

They include scope based authentication attributes which can be used in controllers

Shortcuts for calling the On-Behalf-Of flow

Support for conditional access from down stream APIs (yay, this is super cool too!)

What I love about this the most is that it covers most of the scenarios which you can encounter with Azure AD authentication in your web app.

Once it gets released as NuGet, I plan to port some of the functionality which I had in the Graph Helpers (the AzureAdAuthorization attribute for group-based/role-based authentication and MicrosoftGraphFactory) and try to have it as an extension to the Microsoft’s package, since for example in our apps, we use group-based authorization quite heavily.

I really can’t wait to see how this will evolve, especially if there are any plans to make the entire flow more friendly with Azure Functions.

Once Microsoft releases it as a NuGet package (v1), I plan to cover this library more deeply and post some experiences I had with moving existing applications to it.